File: check_sendmail

tiger 2.2.4-22
  • area: main
  • in suites: woody
  • size: 2,188 kB
  • ctags: 240
  • sloc: sh: 8,388; ansic: 2,109; makefile: 141; perl: 106
#!/bin/sh
#
#     tiger - A UN*X security checking system
#     Copyright (C) 1993 Douglas Lee Schales, David K. Hess, David R. Safford
#
#     Please see the file `COPYING' for the complete copyright notice.
#
# check_known - 06/14/93
#
# 04/27/93 dls "1's complement" check of /bin/login added
# 06/06/93 dls Moved 1's complement check to SunOS 4.x specific
#
#-----------------------------------------------------------------------------
#
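# Fallback base directory, used when neither -B nor TIGERHOMEDIR is given.
# NOTE(review): the literal '.' is presumably replaced with the real
# installed location at install time.  If it is left as '.', the 'config'
# file that is sourced later is taken from whatever directory the caller
# happens to be in.
TigerInstallDir='.'

#
# Set default base directory.
# Order of preference:
#      -B option
#      TIGERHOMEDIR environment variable
#      TigerInstallDir installed location
#
basedir=${TIGERHOMEDIR:=$TigerInstallDir}

# Take the word that follows -B as the base directory, wherever -B appears
# on the command line.  (Reading $2 here would only be right when -B is the
# very first argument.)  A trailing -B with no value keeps the default.
basedir_follows=0
for parm
do
  if [ "$basedir_follows" = 1 ]; then
    basedir=$parm
    break
  fi
  case $parm in
    -B) basedir_follows=1;;
  esac
done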

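#
# Verify that a config file exists there, and if it does
# source it.
#
# Both 'config' and 'initdefs' are executed inside this shell with the
# privileges of whoever runs the check, so the base directory (from -B,
# TIGERHOMEDIR or the install default) has to be one that only trusted
# users can write to.  The paths are quoted so that a directory name
# containing blanks or glob characters is used as given.
#
if [ ! -r "$basedir/config" ]; then
  echo "--ERROR-- [init002e] No 'config' file in \`$basedir'."
  exit 1
fi

. "$basedir/config"

# BASEDIR is not set in this file; presumably 'config' defines it.
. "$BASEDIR/initdefs"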

#
# Test mode (-t): only verify that the required commands, files and
# variables are configured, report the result and stop.
#
# NOTE(review): the command list checked here differs from the one the
# real run requires further down (STRINGS GREP SED AWK SORT LS), and the
# haveallvars result is not acted on, unlike the two checks before it.
# Confirm whether both are intended.
#
case "$Tiger_TESTMODE" in
  Y)
    haveallcmds AWK CAT CC EGREP FIND GET_MOUNTS LS RM SED SGREP STRINGS TR || exit 1
    haveallfiles BASEDIR WORKDIR || exit 1
    haveallvars TESTLINK HOSTNAME

    echo "--CONFIG-- [init003c] $0: Configuration ok..."
    exit 0
    ;;
esac

#------------------------------------------------------------------------
# Section banner for the report.
echo
echo "# Checking sendmail..."

# Stop here unless every external tool used by the checks below is
# available.  haveallcmds is not defined in this file; presumably it comes
# from the definitions sourced above.
if haveallcmds STRINGS GREP SED AWK SORT LS; then
  :
else
  exit 1
fi

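#
# check_date MAILER
#
# Guess the age of a sendmail binary from the date-like strings embedded
# in it and warn when the newest one predates the cut-off.
#
#   $1  path of the binary to inspect
#
# Uses the configured STRINGS, GREP, SED, AWK and SORT commands and the
# 'message' reporter (not defined in this file).  Emits misc010w when the
# binary looks old and misc012e when it cannot be read.
#
# This is a heuristic, not a version check:
#   - Only the newest n/n/n string decides the result, so one unrelated
#     date-like string in the binary can hide an old build.
#   - When no date can be extracted at all, nothing is reported.  That is
#     not evidence that the binary is patched.
#   - NOTE(review): two-digit years are always read as 19xx, so a build
#     stamped with year 01 is treated as 1901 and reported as old.
#   - NOTE(review): the test fires for dates before October 1993, while
#     the message text says November 1993.  Confirm which is intended.
#
check_date()
{
  mailer="$1"
  if [ -r "$mailer" ]; then
    # Quoted so a path containing blanks or glob characters is read as one
    # file instead of being split into several arguments.
    $STRINGS "$mailer" |
    $GREP '[0-9]*/[0-9]*/[0-9]*' |
    $SED -e 's%^.*  *\([0-9][0-9]*/[0-9][0-9]*/[0-9][0-9]*\).*$%\1%' |
    $AWK -F/ '{
      month = $1;
      day = $2;
      year = $3;
      if (month > 12) {
        year = $1;
        month = $2;
        day = $3;
      }
      if (year < 100)
        year += 1900;
      printf("%04d %02d %02d\n", year, month, day);
    }' |
    $SORT -r |
    $SED -e 1q | {
      # Zero-padded "YYYY MM DD" lines sort correctly as text, so the first
      # line after the reverse sort is the newest date found.
      read year month day

      # An empty year means the pipeline produced nothing; skip the numeric
      # comparison instead of handing an empty operand to test.
      if [ -n "$year" ]; then
        outdated=0
        if [ "$year" -lt 1993 ]; then
          outdated=1
        elif [ "$year" -eq 1993 ] && [ "$month" -lt 10 ]; then
          outdated=1
        fi

        if [ "$outdated" = 1 ]; then
          message WARN misc010w "" "$mailer appears to be older than November 1993 (apparent date $month/$day/$year), and may contain a security vulnerability."
        fi
      fi
    }
  else
    message ERROR misc012e "" "Can not read $mailer.  Test skipped."
  fi
}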

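#
# Decide which check applies from the "prog" mailer in sendmail.cf.
#
# First stage: print the P= program of the Mprog line, or /bin/sh when
# the configuration file cannot be read.
# Second stage: if that program is smrsh, look for shells and general
# purpose tools in the directories named inside the smrsh binary;
# otherwise fall back to the date check on every binary in SENDMAILS.
#
# SENDMAILCF and the program path read from it are quoted so that a path
# with blanks or glob characters is passed on as a single argument.
#
{
  if [ -r "$SENDMAILCF" ]; then
    $GREP '^Mprog' "$SENDMAILCF" |
    $SED -e 's/^.*P=\([^, ]*\).*$/\1/'
  else
    echo "/bin/sh"
  fi
} |
{
  # Only the first line is used if several Mprog lines are present.
  read progmailer

  case "$progmailer" in
    */smrsh) usingsmrsh=1;;
    *)       usingsmrsh=0;;
  esac

  if [ "$usingsmrsh" = 1 ]; then
    # Pull every absolute-path-looking string out of the smrsh binary,
    # drop anything mentioning /bin/sh, and keep the ones that are
    # directories on this system.
    $STRINGS "$progmailer" |
    $GREP '/[-a-zA-Z0-9_.][-a-zA-Z0-9_./]*' |
    $GREP -v '/.*:/.*' |
    $SED -e 's/[^-a-zA-Z0-9_./]/ /g' |
    $AWK '{
      for (i = 1; i <= NF; i++)
        if (substr($i, 1, 1) == "/")
          print $i;
    }' |
    $GREP '^/[-/a-zA-Z0-9_.]*$' |
    $GREP -v /bin/sh |
    while read smrsh_dir
    do
      if [ -d "$smrsh_dir" ]; then
        # A shell, interpreter or text tool placed in such a directory is
        # reported, because smrsh would then be able to run it.  The name
        # list is fixed and is not exhaustive.
        $LS "$smrsh_dir" |
        while read entry
        do
          case "$entry" in
            sh|csh|perl|uudecode|sed|grep|awk|cat|ksh|bash|tcsh)
              message WARN misc011w "" "Executable \`$entry' in 'smrsh' directory \`$smrsh_dir' may create a vulnerability"
              ;;
          esac
        done
      fi
    done
  else
    # SENDMAILS is deliberately unquoted: it is a blank-separated list.
    for mailer in $SENDMAILS
    do
      [ -f "$mailer" ] && check_date "$mailer"
    done
  fi
}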